Fix: Patch high-severity vulnerable dependency packages

[ping-huang1]

Summary

• Remediates high-severity vulnerable dependency packages via npx socket fix --id GHSA-677m-j7p3-52f9 --id GHSA-mw96-cpmx-2vgc

Test plan

• Verify CI passes

Safety checklist

• Dependency-only change (no application logic modified)
• package-lock.json updated consistently

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​modelcontextprotocol/​sdk@​1.21.1 ⏵ 1.25.2		+15		-1
	npm/​zod@​3.24.2 ⏵ 3.25.76	+2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Network access: npm @hono/node-server in module http Module: http Location: Package overview From: package-lock.json → npm/@modelcontextprotocol/sdk@1.25.2 → npm/@hono/node-server@1.19.13 ℹ Read more on: This package | This alert | What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@hono/node-server@1.19.13. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Network access: npm @hono/node-server in module http2 Module: http2 Location: Package overview From: package-lock.json → npm/@modelcontextprotocol/sdk@1.25.2 → npm/@hono/node-server@1.19.13 ℹ Read more on: This package | This alert | What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@hono/node-server@1.19.13. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Network access: npm @hono/node-server in module globalThis["fetch"] Module: globalThis["fetch"] Location: Package overview From: package-lock.json → npm/@modelcontextprotocol/sdk@1.25.2 → npm/@hono/node-server@1.19.13 ℹ Read more on: This package | This alert | What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@hono/node-server@1.19.13. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Network access: npm hono in module globalThis["fetch"] Module: globalThis["fetch"] Location: Package overview From: package-lock.json → npm/@modelcontextprotocol/sdk@1.25.2 → npm/hono@4.12.12 ℹ Read more on: This package | This alert | What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/hono@4.12.12. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[semgrep-code-webflow]

Semgrep identified an issue in your code:

The GitHub action astral-sh/setup-uv@v4 uses a mutable version tag that could be rewritten by an attacker to inject malicious code into your workflow.

More details about this

The astral-sh/setup-uv@v4 action is pinned to a version tag instead of a full commit SHA. Version tags in GitHub are mutable—a maintainer can move or re-tag a release at any time. An attacker who compromises the astral-sh/setup-uv repository could overwrite the v4 tag to point to malicious code.

Exploit scenario:

1. An attacker compromises the astral-sh/setup-uv repository and gains push access
2. They force-push a commit containing a backdoor to rewrite the v4 tag
3. Your workflow runs and pulls the malicious code via uses: astral-sh/setup-uv@v4
4. The backdoor executes in the runner environment with access to secrets.SOCKET_SECURITY_API_KEY and your repository code
5. The attacker exfiltrates credentials and source code

Pinning to a specific commit SHA (e.g., @a1b2c3d4e5f6...) creates an immutable reference that cannot be altered after commit creation, even if the tag is rewritten.

To resolve this comment:

✨ Commit Assistant fix suggestion

Suggested change

	uses: astral-sh/setup-uv@v4
	# Pinned to v4 for security; see https://github.com/astral-sh/setup-uv/tags
	uses: astral-sh/setup-uv@ed597411d8f924073f98dfc5c65a23a2325f34cd

View step-by-step instructions

1. Replace the action version in uses: astral-sh/setup-uv@v4 with a full 40-character commit SHA from the official setup-uv repository. For example: uses: astral-sh/setup-uv@ed597411d8f924073f98dfc5c65a23a2325f34cd
2. (Optional but recommended) Add a comment with the pinned SHA to indicate why it's pinned and provide a link to the action/tag for reference, e.g. # Pinned to v4 for security; see https://github.com/astral-sh/setup-uv/tags

Pinning to a commit SHA makes the workflow more secure and prevents unexpected changes if the upstream action is updated.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

• /fp <comment> for false positive
• /ar <comment> for acceptable risk
• /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by third-party-action-not-pinned-to-commit-sha.

_{You can view more details about this finding in the Semgrep AppSec Platform.}